View previous topic :: View next topic |
Author |
Message |
geders Tux's lil' helper
Joined: 19 Jun 2002 Posts: 76 Location: Purdue
|
Posted: Sun Nov 17, 2002 10:11 pm Post subject: Crapload of SUID'ed files w/Gentoo |
|
|
Using this command to find all the SUID/SGID files on my system:
Code: | /usr/bin/find / -type f \( -perm -004000 -o -perm -002000 \) -exec ls -lg {} \; &2> /dev/null >suidfiles.txt |
I get a ton of files listed...the first ones are normal (except for some reason Mahjong has the SUID bit turned on??) but what concerns me the most are the hundreds of files (900 actually) listed under
/var/cache/edb/dep/. What's the purpose of these files, and it seems like a potentially HUGE security problem...
Any hints? |
|
Back to top |
|
|
rac Bodhisattva
Joined: 30 May 2002 Posts: 6553 Location: Japanifornia
|
Posted: Mon Nov 18, 2002 1:21 am Post subject: |
|
|
SGIDing directories that are written to by multiple users ensure that all files in there get that group ID, regardless of the main group ID of the individual users. I've used this trick in the past to make it so that CGIs and mailing list archivers like MHonArc can modify each others' files. Maybe that's why /var/cache/edb/dep itself is SGID wheel. _________________ For every higher wall, there is a taller ladder |
|
Back to top |
|
|
|